2 Initial cut at Zot-2012 protocol. This is a very rough draft of some very rough ideas and concepts.
3 It is not yet intended to be a definitive specification and many things like the security handshakes are yet to be specified precisely.
5 All communications are https
8 First create a global unique userid
12 https://macgirvin.com/1
14 $guuid = Strings::base64UrlEncode(hash('whirlpool','https://macgirvin.com/1.' . mt_rand(1000000,9999999),1);
17 Then create a hashed site destination.
19 $gduid = Strings::base64UrlEncode(hash('whirlpool', $guuid . 'https://macgirvin.com',1);
21 These two keys will identify you as a person+site pair in the future.
22 You will also obtain a password upon introducing yourself to a site.
23 This can be used to edit locations in the future. You will always keep your global unique userid
26 The steps to connect with somebody are to first register your location with their site.
27 Then introduce yourself to the person. This contains flags for the desired relationship.
28 At some future time, they may confirm and adjust the relationship based on their comfort level.
29 Lack of confirmation is tantamount to denial.
31 You can set either or both of FOLLOW and SHARE which indicates the relationship from your viewpoint.
34 A relationship is based on you as a person and provided you register new locations with the site you can post from anywhere.
35 You do not need to register locations with each person, only with the site.
38 Introduce yourself to a site:
41 POST https://example.com/post
47 'site' => 'https://macgirvin.com'
48 'info' => 'mike@macgirvin.com'
55 'pass' => me_encrypt($random_string)
62 POST https://example.com/post
67 'address' => $new_gduid
68 'site' => 'https://newsite.com'
69 'info' => 'mike@newsite.com'
70 'pass' => me_encrypt($gduid . '.' . $pass)
77 'pass' => me_encrypt($random_string)
84 POST https://example.com/post
87 'type' => 'remove_location'
90 'pass' => me_encrypt($pass)
104 This message may be reversed/repeated by the destination site to confirm.
105 flags is the desired friendship bits. The same message may be used with different flags
106 to edit or remove a relationship.
109 POST https://example.com/post
115 'target' => 'bobjones@example.com'
116 'flags' => HIDDEN=0,FOLLOW=1,SHARE=1,NOHIDDEN=1,NOFOLLOW=0,NOSHARE=0
117 'confirm' => me_encrypt($guuid . '.' . $pass)
138 Passing messages is done asynchronously. This may (potentially) relieve a lot of the burden of distribution from the posting site. If you're on site 'A' and make a post, site 'A' just contacts any downstream sites and informs them that there is new content (via a $post_id). The downstream site initiates the actual data transfer.
144 POST https://example.com/post
164 POST https://macgirvin.com/post
168 'retrieve' => $post_id
169 'challenge' => you_encrypt('abc123')
170 'verify' => me_encrypt('xyz456' . '.' . $gduid)
178 'response' => 'abc123'
179 'data' => encrypted or raw structured post